QKD methods and systems have been developed which enable two parties to share random data in a way that has a very high probability of detecting any eavesdroppers. This means that if no eavesdroppers are detected, the parties can have a high degree of confidence that the shared random data is secret. QKD methods and systems are described, for example, in U.S. Pat. No. 5,515,438 and U.S. Pat. No. 5,999,285. In known QKD systems, randomly polarized photons are sent from a transmitting apparatus to a receiving apparatus either through a fiber-optic cable or free space.
Whatever particular QKD protocol is used, QKD methods typically involve sending a random data set from a QKD transmitter to a QKD receiver over a quantum signal channel, the QKD transmitter and receiver then respectively processing the data transmitted and received via the quantum signal channel with the aid of messages exchanged between them over an insecure classical communication channel thereby to derive a common subset of the random data set. The processing includes an error correction phase during which a substantial number of messages are exchanged over the classical communication channel.
The classical communication channel is insecure in that it is not required to be confidential. However, in order to prevent a “man in the middle” type of attack, message authentication and integrity checking are still needed and are usually carried out for every message sent over the classical communication channel leading to a considerable processing overhead.